package ssi.actions;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.codec.digest.DigestUtils;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;

import ssi.beans.Passwords;
import ssi.beans.User;
import ssi.tools.Connector;

public class ChangePasswordAction extends Action {

	public ActionForward execute(ActionMapping mapping, ActionForm form,
			HttpServletRequest request, HttpServletResponse response)
			throws Exception {
		
		request.setCharacterEncoding("UTF-8");
		HttpSession session=request.getSession(true);
		String target = null;
		User user=(User)session.getAttribute("user");
		Passwords passwords = (Passwords) form;
		String oldPassword = DigestUtils.md5Hex(passwords.getOldPassword());
		String newPassword=DigestUtils.md5Hex(passwords.getNewPassword());
		String confirmPassword=DigestUtils.md5Hex(passwords.getConfPassword());
		
		ActionErrors actionErrors = new ActionErrors();
		
		if(!(oldPassword.equals("") || newPassword.equals("") || confirmPassword.equals("") || oldPassword==null || newPassword==null || confirmPassword==null)){
			System.out.println("Dzialam2!");
			try{
				System.out.println("Dzialam3!");
				Connection connection = new Connector().getConnection();
	    		Statement statement = connection.createStatement();
	    		statement.setMaxRows(1);
	    		ResultSet result = statement.executeQuery("SELECT email, password, type, name, surname, activation, id FROM `users` WHERE id=\""+ user.getId() + "\"");
	    		if (result.next()){
	    			System.out.println("Dzialam4!");
	    			if(result.getString(2).equals(oldPassword)){
	    				System.out.println("Dzialam5!");
	    				if(newPassword.equals(confirmPassword)){	
	    					System.out.println("Dzialam6!");
	    					
	    					statement.executeUpdate("Update users set password=\""+newPassword+"\" WHERE id='"+user.getId()+"'");
	    					System.out.println("Dzialam7!");
	    					session.setAttribute("user", user);
	    					target="success";
	    					result.close();
	    					connection.close();
	    				}else{
	    					target="failure";
	    					actionErrors.add("error",new ActionMessage("error.passwordEquals"));
	    					result.close();
	    					connection.close();
	    				}
	    			}else{
	    				target="failure";
    					actionErrors.add("error",new ActionMessage("error.oldPassword"));
    					result.close();
    					connection.close();
	    			}
	    		}else{
	    			target="failure";
					actionErrors.add("error",new ActionMessage("error.nouser"));
					result.close();
					connection.close();
	    		}
			}catch(Exception e){
				target="failure";
				actionErrors.add("error",new ActionMessage("error.catch"));
				
				
			}
		}else{
			actionErrors.add("error",new ActionMessage("error.emptyFields"));
		}
		
		if(actionErrors.size() !=0){
			extracted(request, actionErrors);
			return new ActionForward(mapping.getInput());
		}
		
		
		
		return mapping.findForward(target);
	}
	
	private void extracted(HttpServletRequest request, ActionErrors actionErrors) {
		saveErrors(request, actionErrors);
	}
}
